1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2007-2012 Siemens AG
4 *
5 * Written by:
6 * Pavel Smolenskiy <pavel.smolenskiy@gmail.com>
7 * Maxim Gorbachyov <maxim.gorbachev@siemens.com>
8 * Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
9 * Alexander Smirnov <alex.bluesman.smirnov@gmail.com>
10 */
11
12 #include <linux/kernel.h>
13 #include <linux/module.h>
14 #include <linux/netdevice.h>
15 #include <linux/crc-ccitt.h>
16 #include <asm/unaligned.h>
17
18 #include <net/mac802154.h>
19 #include <net/ieee802154_netdev.h>
20 #include <net/nl802154.h>
21
22 #include "ieee802154_i.h"
23
/* Hand a frame to the network stack as an IEEE 802.15.4 packet.
 *
 * Sets skb->protocol to ETH_P_IEEE802154 and marks the checksum as
 * CHECKSUM_UNNECESSARY before passing @skb to netif_receive_skb().
 * The return value is whatever netif_receive_skb() reports.
 */
static int ieee802154_deliver_skb(struct sk_buff *skb)
{
	int verdict;

	skb->protocol = htons(ETH_P_IEEE802154);
	skb->ip_summed = CHECKSUM_UNNECESSARY;

	verdict = netif_receive_skb(skb);

	return verdict;
}
31
/* Work handler for local->rx_beacon_work.
 *
 * Takes the first entry of local->rx_beacon_list, if there is one, passes
 * its skb together with the recorded page and channel to
 * mac802154_process_beacon(), then unlinks the entry, drops the skb
 * reference it holds and frees the entry. At most one entry is handled per
 * invocation.
 *
 * NOTE(review): no lock is taken around the list accesses in this function,
 * while ieee802154_subif_frame() appends to the same list with
 * list_add_tail(). Confirm what serialises the two contexts.
 *
 * NOTE(review): one entry is consumed per run; if several beacons are queued
 * before the work item executes, the remaining entries presumably stay on
 * the list until a later frame queues the work again - confirm that the
 * backlog is bounded.
 */
void mac802154_rx_beacon_worker(struct work_struct *work)
{
	struct cfg802154_mac_pkt *pkt;
	struct ieee802154_local *local;

	local = container_of(work, struct ieee802154_local, rx_beacon_work);

	pkt = list_first_entry_or_null(&local->rx_beacon_list,
				       struct cfg802154_mac_pkt, node);
	if (pkt) {
		mac802154_process_beacon(local, pkt->skb, pkt->page,
					 pkt->channel);

		/* The entry is unlinked only after it has been processed. */
		list_del(&pkt->node);
		kfree_skb(pkt->skb);
		kfree(pkt);
	}
}
49
/* Decide whether a received BEACON REQ should trigger a beacon.
 *
 * Returns true only when a beacon request is configured in
 * local->beacon_req, mac802154_is_beaconing() reports true, and the
 * configured interval equals IEEE802154_ACTIVE_SCAN_DURATION.
 *
 * The interval is copied out under rcu_read_lock() so that the
 * RCU-protected beacon_req object is not dereferenced after the read-side
 * section ends.
 */
static bool mac802154_should_answer_beacon_req(struct ieee802154_local *local)
{
	struct cfg802154_beacon_request *req;
	unsigned int interval = 0;
	bool have_req;

	rcu_read_lock();
	req = rcu_dereference(local->beacon_req);
	have_req = req != NULL;
	if (have_req)
		interval = req->interval;
	rcu_read_unlock();

	if (!have_req)
		return false;

	return mac802154_is_beaconing(local) &&
	       interval == IEEE802154_ACTIVE_SCAN_DURATION;
}
70
/* Work handler for local->rx_mac_cmd_work.
 *
 * Takes the first entry of local->rx_mac_cmd_list, if there is one, and
 * extracts the MAC command identifier with ieee802154_get_mac_cmd(). The
 * only command acted upon is IEEE802154_CMD_BEACON_REQ: when
 * mac802154_should_answer_beacon_req() agrees, local->beacon_work is queued
 * with no delay. Every other command, and any frame for which the
 * identifier cannot be read, is discarded. The entry is always unlinked and
 * freed before returning.
 *
 * NOTE(review): the command frame originates from the radio, so a peer can
 * cause beacon_work to be queued whenever the checks above pass; confirm
 * that any rate limiting needed lives in the beacon worker.
 *
 * NOTE(review): no lock is taken around the list accesses here, while
 * ieee802154_subif_frame() appends to the same list. Confirm what
 * serialises the two contexts. Only one entry is consumed per run.
 */
void mac802154_rx_mac_cmd_worker(struct work_struct *work)
{
	struct cfg802154_mac_pkt *pkt;
	struct ieee802154_local *local;
	u8 cmd_id;
	int err;

	local = container_of(work, struct ieee802154_local, rx_mac_cmd_work);

	pkt = list_first_entry_or_null(&local->rx_mac_cmd_list,
				       struct cfg802154_mac_pkt, node);
	if (!pkt)
		return;

	err = ieee802154_get_mac_cmd(pkt->skb, &cmd_id);
	if (!err && cmd_id == IEEE802154_CMD_BEACON_REQ) {
		dev_dbg(&pkt->sdata->dev->dev, "processing BEACON REQ\n");
		if (mac802154_should_answer_beacon_req(local))
			queue_delayed_work(local->mac_wq, &local->beacon_work, 0);
	}

	/* Release the entry whether or not the command was handled. */
	list_del(&pkt->node);
	kfree_skb(pkt->skb);
	kfree(pkt);
}
105
/* Run one received frame through a non-monitor interface.
 *
 * Steps, in order:
 *  1. Level 3 filtering: while @sdata requires scan filtering and the PHY
 *     filters at a lower level, everything but beacons is dropped.
 *  2. skb->pkt_type is derived from the destination addressing fields.
 *     This uses header values that have not yet been through
 *     mac802154_llsec_decrypt().
 *  3. mac802154_llsec_decrypt() is applied; a non-zero result drops the
 *     frame.
 *  4. The interface RX counters are updated.
 *  5. The frame is dispatched on its type: beacons (only while scanning)
 *     and MAC commands are queued for the workers, data frames go to
 *     ieee802154_deliver_skb(), ACKs and unknown types are dropped.
 *
 * Returns NET_RX_SUCCESS for queued frames, the result of
 * ieee802154_deliver_skb() for data frames and NET_RX_DROP otherwise. On
 * the drop path @skb is freed here.
 */
static int
ieee802154_subif_frame(struct ieee802154_sub_if_data *sdata,
		       struct sk_buff *skb, const struct ieee802154_hdr *hdr)
{
	struct wpan_phy *phy = sdata->local->hw.phy;
	struct wpan_dev *wpan_dev = &sdata->wpan_dev;
	struct ieee802154_mac_cb *cb = mac_cb(skb);
	struct cfg802154_mac_pkt *pkt;
	__le16 own_pan, own_short;
	bool pan_match;
	int err;

	pr_debug("getting packet via slave interface %s\n", sdata->dev->name);

	own_pan = wpan_dev->pan_id;
	own_short = wpan_dev->short_addr;

	/* Level 3 filtering: Only beacons are accepted during scans */
	if (sdata->required_filtering == IEEE802154_FILTERING_3_SCAN &&
	    sdata->required_filtering > phy->filtering &&
	    cb->type != IEEE802154_FC_TYPE_BEACON) {
		dev_dbg(&sdata->dev->dev,
			"drop non-beacon frame (0x%x) during scan\n",
			cb->type);
		goto drop;
	}

	switch (cb->dest.mode) {
	case IEEE802154_ADDR_NONE:
		/* ACK comes with both addresses empty.
		 * FIXME: when a source address is present, check if we are
		 * PAN coordinator.
		 */
		if (hdr->source.mode == IEEE802154_ADDR_NONE)
			skb->pkt_type = PACKET_HOST;
		else
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	case IEEE802154_ADDR_LONG:
		/* Accept our own PAN ID or the broadcast PAN ID only. */
		pan_match = cb->dest.pan_id == own_pan ||
			    cb->dest.pan_id == cpu_to_le16(IEEE802154_PANID_BROADCAST);
		if (pan_match &&
		    cb->dest.extended_addr == wpan_dev->extended_addr)
			skb->pkt_type = PACKET_HOST;
		else
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	case IEEE802154_ADDR_SHORT:
		pan_match = cb->dest.pan_id == own_pan ||
			    cb->dest.pan_id == cpu_to_le16(IEEE802154_PANID_BROADCAST);
		if (!pan_match)
			skb->pkt_type = PACKET_OTHERHOST;
		else if (cb->dest.short_addr == own_short)
			skb->pkt_type = PACKET_HOST;
		else if (cb->dest.short_addr ==
			 cpu_to_le16(IEEE802154_ADDR_BROADCAST))
			skb->pkt_type = PACKET_BROADCAST;
		else
			skb->pkt_type = PACKET_OTHERHOST;
		break;
	default:
		pr_debug("invalid dest mode\n");
		goto drop;
	}

	skb->dev = sdata->dev;

	/* TODO this should be moved after netif_receive_skb call, otherwise
	 * wireshark will show a mac header with security fields and the
	 * payload is already decrypted.
	 */
	err = mac802154_llsec_decrypt(&sdata->sec, skb);
	if (err) {
		pr_debug("decryption failed: %i\n", err);
		goto drop;
	}

	/* Counted for every frame that passed decryption, including frames
	 * the type dispatch below goes on to drop.
	 */
	sdata->dev->stats.rx_packets++;
	sdata->dev->stats.rx_bytes += skb->len;

	switch (cb->type) {
	case IEEE802154_FC_TYPE_DATA:
		return ieee802154_deliver_skb(skb);

	case IEEE802154_FC_TYPE_BEACON:
		dev_dbg(&sdata->dev->dev, "BEACON received\n");
		if (!mac802154_is_scanning(sdata->local))
			break;

		pkt = kzalloc(sizeof(*pkt), GFP_ATOMIC);
		if (!pkt)
			break;

		/* NOTE(review): skb_get() takes an additional reference and
		 * the reference held on entry does not appear to be dropped
		 * on this path, while the worker calls kfree_skb() once.
		 * Confirm against the caller and
		 * mac802154_process_beacon() that the skb is not leaked.
		 *
		 * NOTE(review): one entry is allocated per accepted frame
		 * with no visible cap on the list length; confirm the queue
		 * cannot grow without bound under a flood of beacons.
		 */
		pkt->skb = skb_get(skb);
		pkt->sdata = sdata;
		pkt->page = sdata->local->scan_page;
		pkt->channel = sdata->local->scan_channel;
		list_add_tail(&pkt->node, &sdata->local->rx_beacon_list);
		queue_work(sdata->local->mac_wq, &sdata->local->rx_beacon_work);
		return NET_RX_SUCCESS;

	case IEEE802154_FC_TYPE_MAC_CMD:
		dev_dbg(&sdata->dev->dev, "MAC COMMAND received\n");
		pkt = kzalloc(sizeof(*pkt), GFP_ATOMIC);
		if (!pkt)
			break;

		/* NOTE(review): same reference-count and queue-growth
		 * questions as for the beacon path above; confirm.
		 */
		pkt->skb = skb_get(skb);
		pkt->sdata = sdata;
		list_add_tail(&pkt->node, &sdata->local->rx_mac_cmd_list);
		queue_work(sdata->local->mac_wq, &sdata->local->rx_mac_cmd_work);
		return NET_RX_SUCCESS;

	case IEEE802154_FC_TYPE_ACK:
		/* ACK frames are not passed up; fall out to the drop path. */
		break;

	default:
		pr_warn_ratelimited("ieee802154: bad frame received (type = %d)\n",
				    cb->type);
		break;
	}

drop:
	kfree_skb(skb);
	return NET_RX_DROP;
}
227
/* Emit a debug description of one address field of a frame header.
 *
 * @name is a label used as the prefix of every message. For an absent
 * address only "not present" is printed; otherwise the PAN ID is printed,
 * followed by either the short address or the extended address.
 */
static void
ieee802154_print_addr(const char *name, const struct ieee802154_addr *addr)
{
	if (addr->mode == IEEE802154_ADDR_NONE) {
		pr_debug("%s not present\n", name);
		return;
	}

	pr_debug("%s PAN ID: %04x\n", name, le16_to_cpu(addr->pan_id));

	if (addr->mode != IEEE802154_ADDR_SHORT) {
		/* Any mode other than NONE or SHORT is printed as an
		 * extended address. The value is byte-swapped first,
		 * presumably so %8phC shows it most significant byte first.
		 */
		u64 ext = swab64((__force u64)addr->extended_addr);

		pr_debug("%s is hardware: %8phC\n", name, &ext);
	} else {
		pr_debug("%s is short: %04x\n", name,
			 le16_to_cpu(addr->short_addr));
	}
}
246
/* Parse the MAC header at the start of @skb into @hdr and the skb's MAC
 * control block.
 *
 * The header is pulled with ieee802154_hdr_pull(); a negative result is
 * reported as -EINVAL. On success skb->mac_len is set to the header length
 * and the frame type, ack-request flag, security-enabled flag and both
 * addresses are copied into mac_cb(skb). The remaining code only emits
 * debug output.
 *
 * Everything stored here comes straight from the received frame; no
 * security processing has been applied to it at this point.
 *
 * Returns 0 on success or -EINVAL if the header could not be parsed.
 */
static int
ieee802154_parse_frame_start(struct sk_buff *skb, struct ieee802154_hdr *hdr)
{
	struct ieee802154_mac_cb *cb = mac_cb(skb);
	int hdr_len;

	skb_reset_mac_header(skb);

	hdr_len = ieee802154_hdr_pull(skb, hdr);
	if (hdr_len < 0)
		return -EINVAL;

	skb->mac_len = hdr_len;

	pr_debug("fc: %04x dsn: %02x\n", le16_to_cpup((__le16 *)&hdr->fc),
		 hdr->seq);

	cb->type = hdr->fc.type;
	cb->ackreq = hdr->fc.ack_request;
	cb->secen = hdr->fc.security_enabled;
	cb->source = hdr->source;
	cb->dest = hdr->dest;

	ieee802154_print_addr("destination", &hdr->dest);
	ieee802154_print_addr("source", &hdr->source);

	if (!hdr->fc.security_enabled)
		return 0;

	/* Debug dump of the auxiliary security header; nothing below
	 * changes @skb, @hdr or the control block.
	 */
	pr_debug("seclevel %i\n", hdr->sec.level);

	switch (hdr->sec.key_id_mode) {
	case IEEE802154_SCF_KEY_IMPLICIT:
		pr_debug("implicit key\n");
		break;

	case IEEE802154_SCF_KEY_INDEX:
		pr_debug("key %02x\n", hdr->sec.key_id);
		break;

	case IEEE802154_SCF_KEY_SHORT_INDEX:
		pr_debug("key %04x:%04x %02x\n",
			 le32_to_cpu(hdr->sec.short_src) >> 16,
			 le32_to_cpu(hdr->sec.short_src) & 0xffff,
			 hdr->sec.key_id);
		break;

	case IEEE802154_SCF_KEY_HW_INDEX: {
		u64 key_src = swab64((__force u64)hdr->sec.extended_src);

		pr_debug("key source %8phC %02x\n", &key_src,
			 hdr->sec.key_id);
		break;
	}
	}

	return 0;
}
305
/* Parse a received frame once and offer a clone of it to every running
 * non-monitor interface of @local.
 *
 * Frames whose header cannot be parsed are ignored. @skb itself is not
 * freed here; each interface receives its own skb_clone(). The list walk
 * uses list_for_each_entry_rcu(); the visible caller, ieee802154_rx(),
 * holds rcu_read_lock() around the call.
 *
 * The return value of ieee802154_subif_frame() is not inspected.
 */
static void
__ieee802154_rx_handle_packet(struct ieee802154_local *local,
			      struct sk_buff *skb)
{
	struct ieee802154_sub_if_data *sdata;
	struct ieee802154_hdr hdr;
	struct sk_buff *copy;

	if (ieee802154_parse_frame_start(skb, &hdr)) {
		pr_debug("got invalid frame\n");
		return;
	}

	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
		if (sdata->wpan_dev.iftype == NL802154_IFTYPE_MONITOR ||
		    !ieee802154_sdata_running(sdata))
			continue;

		/* An interface that requires level 4 (frame fields)
		 * filtering must not see frames received while the PHY was
		 * filtering at a lower level, i.e. while the address filters
		 * were disabled.
		 */
		if (sdata->required_filtering == IEEE802154_FILTERING_4_FRAME_FIELDS &&
		    local->hw.phy->filtering < IEEE802154_FILTERING_4_FRAME_FIELDS)
			continue;

		copy = skb_clone(skb, GFP_ATOMIC);
		if (!copy)
			continue;	/* allocation failure: skip this interface */

		copy->dev = sdata->dev;
		ieee802154_subif_frame(sdata, copy, &hdr);
	}
}
342
/* Deliver a clone of a received frame to every running monitor interface
 * of @local.
 *
 * @skb is tagged as a PACKET_OTHERHOST IEEE 802.15.4 frame before cloning,
 * so each clone inherits those fields. @skb itself is not consumed. The
 * visible caller, ieee802154_rx(), invokes this before its software FCS
 * check, so monitor interfaces also see frames that are dropped afterwards.
 */
static void
ieee802154_monitors_rx(struct ieee802154_local *local, struct sk_buff *skb)
{
	struct ieee802154_sub_if_data *sdata;
	struct sk_buff *copy;

	skb_reset_mac_header(skb);
	skb->protocol = htons(ETH_P_IEEE802154);
	skb->pkt_type = PACKET_OTHERHOST;
	skb->ip_summed = CHECKSUM_UNNECESSARY;

	list_for_each_entry_rcu(sdata, &local->interfaces, list) {
		if (sdata->wpan_dev.iftype != NL802154_IFTYPE_MONITOR ||
		    !ieee802154_sdata_running(sdata))
			continue;

		copy = skb_clone(skb, GFP_ATOMIC);
		if (!copy)
			continue;	/* allocation failure: skip this monitor */

		copy->dev = sdata->dev;
		ieee802154_deliver_skb(copy);

		/* The length is read from @skb, not from the clone that has
		 * just been handed to the stack.
		 */
		sdata->dev->stats.rx_packets++;
		sdata->dev->stats.rx_bytes += skb->len;
	}
}
371
/* Main receive entry point for one frame coming from the driver.
 *
 * Expected to run in softirq context (a one-time warning is raised
 * otherwise). While the device is suspended the frame is discarded.
 * Otherwise, under rcu_read_lock():
 *  - monitor interfaces receive the frame first, FCS included;
 *  - when the PHY filtering level is IEEE802154_FILTERING_NONE the FCS is
 *    verified in software and a mismatch drops the frame;
 *  - the two FCS bytes are trimmed and the frame is passed to
 *    __ieee802154_rx_handle_packet().
 * @skb is always freed before returning.
 */
void ieee802154_rx(struct ieee802154_local *local, struct sk_buff *skb)
{
	bool fcs_ok = true;

	WARN_ON_ONCE(softirq_count() == 0);

	if (local->suspended) {
		kfree_skb(skb);
		return;
	}

	/* TODO: When a transceiver omits the checksum here, we
	 * add an own calculated one. This is currently an ugly
	 * solution because the monitor needs a crc here.
	 *
	 * NOTE(review): skb_put() assumes the driver left two bytes of
	 * tailroom in the buffer - confirm.
	 */
	if (local->hw.flags & IEEE802154_HW_RX_OMIT_CKSUM) {
		u16 fcs = crc_ccitt(0, skb->data, skb->len);

		put_unaligned_le16(fcs, skb_put(skb, 2));
	}

	rcu_read_lock();

	ieee802154_monitors_rx(local, skb);

	/* Level 1 filtering: Check the FCS by software when relevant.
	 * At any other filtering level no software check is made here;
	 * presumably the hardware has already validated the FCS.
	 */
	if (local->hw.phy->filtering == IEEE802154_FILTERING_NONE)
		fcs_ok = crc_ccitt(0, skb->data, skb->len) == 0;

	if (fcs_ok) {
		/* Remove the FCS.
		 *
		 * NOTE(review): no minimum-length check is visible here. For
		 * a frame shorter than two bytes the subtraction wraps and
		 * skb_trim() leaves the buffer as it is; presumably such
		 * frames are rejected by the driver or by
		 * ieee802154_hdr_pull() - confirm.
		 */
		skb_trim(skb, skb->len - 2);

		__ieee802154_rx_handle_packet(local, skb);
	}

	rcu_read_unlock();
	kfree_skb(skb);
}
410
/* Queue a received frame for deferred processing.
 *
 * Initialises the skb's MAC control block, records the link quality
 * indicator @lqi in it, tags the skb with IEEE802154_RX_MSG, appends it to
 * local->skb_queue and schedules local->tasklet. No frame parsing is done
 * here; the tag is presumably what the tasklet handler uses to recognise
 * received frames.
 */
void
ieee802154_rx_irqsafe(struct ieee802154_hw *hw, struct sk_buff *skb, u8 lqi)
{
	struct ieee802154_local *local = hw_to_local(hw);

	mac_cb_init(skb)->lqi = lqi;
	skb->pkt_type = IEEE802154_RX_MSG;

	skb_queue_tail(&local->skb_queue, skb);
	tasklet_schedule(&local->tasklet);
}
EXPORT_SYMBOL(ieee802154_rx_irqsafe);
423